Cannot add Posix Storage
by shimano
Hi everyone...
I have a little strange situation... I'm trying to add Posix Compliant FS
Storage Domain based on MooseFS. As You can read below, oVirt is mounting
it correctly but it cannot make a Storage Domain. Anybody could help?
// Quick investigation
Is /posix mounted?
root@host008:/tmp mount |grep fuse
root@host008:/tmp
Nope.
Add Storage Domain via Web Panel with parameters:
Name: MooseFS
Domain Function / Storage Type: Data / POSIX Compliant FS
Use Host: HOST008
Path: mfsmount
VFS Type: fuse
Mount Options:
mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev
Debug logs from task:
JsonRpc (StompReactor)::DEBUG::2015-04-02
08:52:58,231::stompReactor::98::Broker.StompAdapter::(handle_frame)
Handling message <StompFrame command='SEND'>
JsonRpcServer::DEBUG::2015-04-02
08:52:58,232::__init__::506::jsonrpc.JsonRpcServer::(serve_requests)
Waiting for request
Thread-549209::DEBUG::2015-04-02
08:52:58,232::__init__::469::jsonrpc.JsonRpcServer::(_serveRequest) Calling
'StoragePool.connectStorageServer' in bridge with {'connectionParams':
[{'password': '', 'id': '00000000-0000-0000-0000-000000000000',
'connection': 'mfsmount', 'mnt_options':
'mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev', 'user': '',
'tpgt': '1', 'vfs_type': 'fuse', 'iqn': '', 'port': ''}], 'storagepoolID':
'00000000-0000-0000-0000-000000000000', 'domainType': 6}
Thread-549209::DEBUG::2015-04-02
08:52:58,234::task::595::Storage.TaskManager.Task::(_updateState)
Task=`9bb09583-d8f7-4189-b9ab-81b925f8fc13`::moving from state init ->
state preparing
Thread-549209::INFO::2015-04-02
08:52:58,234::logUtils::44::dispatcher::(wrapper) Run and protect:
connectStorageServer(domType=6,
spUUID='00000000-0000-0000-0000-000000000000', conList=[{'iqn': '', 'port':
'', 'connection': 'mfsmount', 'mnt_options':
'mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev', 'user': '',
'tpgt': '1', 'vfs_type': 'fuse', 'password': '******', 'id':
'00000000-0000-0000-0000-000000000000'}], options=None)
Thread-549209::DEBUG::2015-04-02
08:52:58,237::fileUtils::142::Storage.fileUtils::(createdir) Creating
directory: /rhev/data-center/mnt/mfsmount
Thread-549209::WARNING::2015-04-02
08:52:58,237::fileUtils::149::Storage.fileUtils::(createdir) Dir
/rhev/data-center/mnt/mfsmount already exists
Thread-549209::DEBUG::2015-04-02
08:52:58,238::mount::227::Storage.Misc.excCmd::(_runcmd) /usr/bin/sudo -n
/bin/mount -t fuse -o
mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev mfsmount
/rhev/data-center/mnt/mfsmount (cwd None)
JsonRpc (StompReactor)::DEBUG::2015-04-02
08:52:58,271::stompReactor::98::Broker.StompAdapter::(handle_frame)
Handling message <StompFrame command='SEND'>
JsonRpcServer::DEBUG::2015-04-02
08:52:58,273::__init__::506::jsonrpc.JsonRpcServer::(serve_requests)
Waiting for request
Thread-549210::DEBUG::2015-04-02
08:52:58,276::stompReactor::163::yajsonrpc.StompServer::(send) Sending
response
JsonRpc (StompReactor)::DEBUG::2015-04-02
08:52:58,279::stompReactor::98::Broker.StompAdapter::(handle_frame)
Handling message <StompFrame command='SEND'>
JsonRpcServer::DEBUG::2015-04-02
08:52:58,280::__init__::506::jsonrpc.JsonRpcServer::(serve_requests)
Waiting for request
Thread-549211::DEBUG::2015-04-02
08:52:58,282::stompReactor::163::yajsonrpc.StompServer::(send) Sending
response
Thread-549209::ERROR::2015-04-02
08:52:58,523::hsm::2424::Storage.HSM::(connectStorageServer) Could not
connect to storageServer
Traceback (most recent call last):
File "/usr/share/vdsm/storage/hsm.py", line 2421, in
connectStorageServer
conObj.connect()
File "/usr/share/vdsm/storage/storageServer.py", line 222, in connect
self.getMountObj().getRecord().fs_file)
File "/usr/share/vdsm/storage/mount.py", line 278, in getRecord
(self.fs_spec, self.fs_file))
OSError: [Errno 2] Mount of `mfsmount` at
`/rhev/data-center/mnt/mfsmount` does not exist
Thread-549209::DEBUG::2015-04-02
08:52:58,524::hsm::2443::Storage.HSM::(connectStorageServer) knownSDs:
{2df46204-217e-416f-a072-ab8ef17cd8d2: storage.nfsSD.findDomain,
316c3e1c-4e61-4b0a-b2f6-63cc22d3ab25: storage.nfsSD.findDomain,
6c348f77-bb02-4135-b629-2c9cacb0b85c: storage.nfsSD.findDomain,
00697722-a1ce-4911-a84c-c4688e5076fe: storage.nfsSD.findDomain,
6ac038d7-969d-45b5-be5f-c58a66a78a90: storage.nfsSD.findDomain}
Thread-549209::INFO::2015-04-02
08:52:58,524::logUtils::47::dispatcher::(wrapper) Run and protect:
connectStorageServer, Return response: {'statuslist': [{'status': 100,
'id': '00000000-0000-0000-0000-000000000000'}]}
Thread-549209::DEBUG::2015-04-02
08:52:58,525::task::1191::Storage.TaskManager.Task::(prepare)
Task=`9bb09583-d8f7-4189-b9ab-81b925f8fc13`::finished: {'statuslist':
[{'status': 100, 'id': '00000000-0000-0000-0000-000000000000'}]}
Thread-549209::DEBUG::2015-04-02
08:52:58,525::task::595::Storage.TaskManager.Task::(_updateState)
Task=`9bb09583-d8f7-4189-b9ab-81b925f8fc13`::moving from state preparing ->
state finished
Thread-549209::DEBUG::2015-04-02
08:52:58,526::resourceManager::940::Storage.ResourceManager.Owner::(releaseAll)
Owner.releaseAll requests {} resources {}
Thread-549209::DEBUG::2015-04-02
08:52:58,526::resourceManager::977::Storage.ResourceManager.Owner::(cancelAll)
Owner.cancelAll requests {}
Thread-549209::DEBUG::2015-04-02
08:52:58,526::task::993::Storage.TaskManager.Task::(_decref)
Task=`9bb09583-d8f7-4189-b9ab-81b925f8fc13`::ref 0 aborting False
Thread-549209::DEBUG::2015-04-02
08:52:58,527::__init__::500::jsonrpc.JsonRpcServer::(_serveRequest) Return
'StoragePool.connectStorageServer' in bridge with [{'status': 100, 'id':
'00000000-0000-0000-0000-000000000000'}]
Thread-549209::DEBUG::2015-04-02
08:52:58,527::stompReactor::163::yajsonrpc.StompServer::(send) Sending
response
Thread-29::DEBUG::2015-04-02
08:52:59,236::domainMonitor::209::Storage.DomainMonitorThread::(_monitorDomain)
Refreshing domain 316c3e1c-4e61-4b0a-b2f6-63cc22d3ab25
Really? Incorrect mount options? Trying mount from hand... But first, check
for mounts:
root@host008:/tmp mount |grep fuse
mfsmaster:9421 on /rhev/data-center/mnt/mfsmount type fuse.mfs
(rw,allow_other)
Oh! It is already mounted! So oVirt mounted it correctly, but cannot use
mountpoint? Hm, permissions?
root@host008:/tmp ls -al /rhev/data-center/mnt/mfsmount/
total 4
drwxr-xr-x 2 vdsm kvm 0 Apr 1 14:57 .
drwxr-xr-x 8 vdsm kvm 4096 Apr 2 08:43 ..
Looks fine... Ok, try to unmount and mount manually.
root@host008:/tmp umount /rhev/data-center/mnt/mfsmount/
root@host008:/tmp mount |grep fuse
root@host008:/tmp mount -t fuse -o
mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev mfsmount
/rhev/data-center/mnt/mfsmount
mfsmaster accepted connection with parameters: read-write,restricted_ip
; root mapped to root:root
root@host008:/tmp mount |grep fuse
mfsmaster:9421 on /rhev/data-center/mnt/mfsmount type fuse.mfs
(rw,allow_other)
root@host008:/tmp ls -al /rhev/data-center/mnt/mfsmount/
total 4
drwxr-xr-x 2 vdsm kvm 0 Apr 1 14:57 .
drwxr-xr-x 8 vdsm kvm 4096 Apr 2 08:43 ..
Ok, but I'm root. Try to do it as vdsm user.
root@host008:/tmp cat /etc/passwd /etc/group |grep :36:
vdsm:x:36:36:Node Virtualization Manager:/var/lib/vdsm:/bin/bash
kvm:x:36:qemu,sanlock
root@host008:/tmp umount /rhev/data-center/mnt/mfsmount/
root@host008:/tmp su vdsm
vdsm@host008:/tmp /usr/bin/sudo -n /bin/mount -t fuse -o
mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/posix,_netdev mfsmount
/rhev/data-center/mnt/mfsmount
mfsmaster accepted connection with parameters: read-write,restricted_ip
; root mapped to root:root
vdsm@host008:/tmp ls -al /rhev/data-center/mnt/mfsmount/
total 4
drwxr-xr-x 2 vdsm kvm 0 Apr 1 14:57 .
drwxr-xr-x 8 vdsm kvm 4096 Apr 2 08:43 ..
vdsm@host008:/tmp mkdir
/rhev/data-center/mnt/mfsmount/ovirt-storage-test
vdsm@host008:/tmp ls -al /rhev/data-center/mnt/mfsmount/
total 4
drwxr-xr-x 3 vdsm kvm 0 Apr 2 2015 .
drwxr-xr-x 8 vdsm kvm 4096 Apr 2 08:43 ..
drwxr-xr-x 2 vdsm kvm 0 Apr 2 2015 ovirt-storage-test
// End of quick investigation
9 years, 7 months
Issue with vdsm on EL6 nodes
by knarra
Hi Everyone,
I have updated my nodes to the latest vdsm. After updating when i
try to run "vdsClient -s localhost glusterVolumeStatsInfoGet
volumeName=<vol_name>" i see the following output displayed.
Traceback (most recent call last):
File "/usr/share/vdsm/vdsClient.py", line 2839, in <module>
code, message = commands[command][0](commandArgs)
File "/usr/share/vdsm/vdsClientGluster.py", line 430, in
do_glusterVolumeStatsInfoGet
status = self.s.glusterVolumeStatsInfoGet(volumeName)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1199, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1489, in __request
verbose=self.__verbose
File "/usr/lib64/python2.6/xmlrpclib.py", line 1237, in request
errcode, errmsg, headers = h.getreply()
File "/usr/lib64/python2.6/httplib.py", line 1064, in getreply
response = self._conn.getresponse()
File "/usr/lib64/python2.6/httplib.py", line 990, in getresponse
response.begin()
File "/usr/lib64/python2.6/httplib.py", line 391, in begin
version, status, reason = self._read_status()
File "/usr/lib64/python2.6/httplib.py", line 349, in _read_status
line = self.fp.readline()
File "/usr/lib64/python2.6/socket.py", line 433, in readline
data = recv(1)
File "/usr/lib64/python2.6/ssl.py", line 215, in recv
return self.read(buflen)
File "/usr/lib64/python2.6/ssl.py", line 136, in read
return self._sslobj.read(len)
SSLError: [Errno 1] _ssl.c:1390: error:1409442E:SSL
routines:SSL3_READ_BYTES:tlsv1 alert protocol version
Can some one help me to resolve this issue.
Version of vdsm:
vdsm-python-4.17.0-616.git7548f81.el6.noarch
vdsm-4.17.0-616.git7548f81.el6.x86_64
vdsm-cli-4.17.0-616.git7548f81.el6.noarch
vdsm-yajsonrpc-4.17.0-616.git7548f81.el6.noarch
vdsm-xmlrpc-4.17.0-616.git7548f81.el6.noarch
vdsm-gluster-4.17.0-616.git7548f81.el6.noarch
vdsm-infra-4.17.0-616.git7548f81.el6.noarch
vdsm-jsonrpc-4.17.0-616.git7548f81.el6.noarch
Thanks
kasturi.
9 years, 7 months
oVirt 3.5 - Node Non-Operational
by Marcelo Donato
*Hi everyone! Suggestions are welcome and since I thank you.*
*I have the following scenario:*
Host-01: sequoia.din.uem.br - 10.30.4.1 - Manager
Host-02: jacaranda.din.uem.br - 10.30.4.2 - Node-01
*As indicated below, the hosts communicate normally:*
[root@jacaranda ~]# ping -c 3 sequoia
PING sequoia.din.uem.br (10.30.4.1) 56(84) bytes of data.
64 bytes from sequoia.din.uem.br (10.30.4.1): icmp_seq=1 ttl=64 time=0.436
ms
64 bytes from sequoia.din.uem.br (10.30.4.1): icmp_seq=2 ttl=64 time=0.612
ms
64 bytes from sequoia.din.uem.br (10.30.4.1): icmp_seq=3 ttl=64 time=0.635
ms
[root@sequoia ~]# ping -c 3 jacaranda
PING jacaranda.din.uem.br (10.30.4.2) 56(84) bytes of data.
64 bytes from jacaranda.din.uem.br (10.30.4.2): icmp_seq=1 ttl=64
time=0.443 ms
64 bytes from jacaranda.din.uem.br (10.30.4.2): icmp_seq=2 ttl=64
time=0.587 ms
64 bytes from jacaranda.din.uem.br (10.30.4.2): icmp_seq=3 ttl=64
time=0.563 ms
*Network interfaces*
[root@jacaranda ~]# ifconfig ovirtmgmt
ovirtmgmt Link encap:Ethernet Endereço de HW D4:AE:52:78:4C:17
inet end.: 10.30.4.2 Bcast:10.30.4.255 Masc:255.255.255.0
[root@sequoia ~]# ifconfig
eth0 Link encap:Ethernet Endereço de HW 52:54:00:D2:0F:95
inet end.: 10.30.4.1 Bcast:10.30.4.255 Masc:255.255.255.0
*However engine.log, as highlighted below, the problem is in the
network.*
2015-03-26 15:00:01,799 ERROR
[org.ovirt.engine.core.bll.SetNonOperationalVdsCommand]
(DefaultQuartzScheduler_Worker-91) [35dba220] Host Node-01 is set to
Non-Operational, it is missing the following networks: ovirtmgmt
2015-03-26 15:00:01,806 WARN
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-91) [35dba220] Correlation ID: 35dba220, Job
ID: 1b3c2410-a941-4d65-b39d-1a3d2ef378b8, Call Stack: null, Custom Event
ID: -1, Message: Host Node-01 does not comply with the cluster Cst-01
networks, the following networks are missing on host: 'ovirtmgmt'
2015-03-26 15:00:01,864 INFO
[org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
(DefaultQuartzScheduler_Worker-91) [6ba58858] Host
4aaf9afb-ae0e-40af-9ef8-ef098d3be91e : Node-01 is already in NonOperational
status for reason NETWORK_UNREACHABLE. SetNonOperationalVds command is
skipped.
[image: Imagem inline 1]
--
Ao encaminhar esta mensagem, por favor:
1. Apague o meu e-mail e o meu nome.
2. Apague também os endereços dos amigos antes de reenviar
3. Use Cco ou Bcc para enviar mensagens!
Dificulte a disseminação de vírus e spam.
9 years, 7 months
Can I somehow disable vdsms "restore_nets" ?
by Ernest Beinrohr
This is a multi-part message in MIME format.
--------------060203060101020203010704
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
I use quite a lot of my own config and vdsm restores his version of
/etc/sysconfig/network-scripts/ifcfg-* on each start. Can the
restore_nets be disabled somehow?
--
Ernest Beinrohr, AXON PRO
Ing <http://www.beinrohr.sk/ing.php>, RHCE
<http://www.beinrohr.sk/rhce.php>, RHCVA
<http://www.beinrohr.sk/rhce.php>, LPIC
<http://www.beinrohr.sk/lpic.php>, VCA <http://www.beinrohr.sk/vca.php>,
+421-2-62410360 +421-903-482603
--------------060203060101020203010704
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I use quite a lot of my own config and vdsm restores his version of
/etc/sysconfig/network-scripts/ifcfg-* on each start. Can the
restore_nets be disabled somehow?<br>
<br>
<br>
<div class="moz-signature">-- <br>
<div id="oernii_footer" style="color: gray;">
<span style="font-family: Lucida Console, Luxi Mono, Courier,
monospace; font-size: 90%;">
Ernest Beinrohr, AXON PRO<br>
<a style="text-decoration: none; color: gray;"
href="http://www.beinrohr.sk/ing.php">Ing</a>, <a
style="text-decoration: none; color: gray;"
href="http://www.beinrohr.sk/rhce.php">RHCE</a>, <a
style="text-decoration: none; color: gray;"
href="http://www.beinrohr.sk/rhce.php">RHCVA</a>, <a
style="text-decoration: none; color: gray;"
href="http://www.beinrohr.sk/lpic.php">LPIC</a>, <a
style="text-decoration: none; color: gray;"
href="http://www.beinrohr.sk/vca.php">VCA</a>, <br>
+421-2-62410360 +421-903-482603
<br>
</span> </div>
<img
src="http://nojsstats.appspot.com/UA-44497096-1/email.beinrohr.sk"
moz-do-not-send="true" border="0" width="1" height="1">
</div>
</body>
</html>
--------------060203060101020203010704--
9 years, 7 months
RARP and Vlan problem
by Pavel Gandalipov
Hello, we have logical cluster, that consists of two servers. Each server
connected to each of two switches.
On the server cluster we run the virtualization farm on which testing
virtual machine's migration. In our topology we separate servers's network
and virtual machines' network to vlan 3 and 4, respectively.
When we manually migrating VM that belongs to Vlan 4 from one host to
another we are loosing access to VM because although host sends RARP packet
it isn't updating arp table . So host belongs to another vlan then RARP
packet from host isn't updating arp entry of VM on the switch. And i have
no idea how to make it work.
Pavel Gandalipov
9 years, 7 months
Cancel a running task | Zombie Task
by Punit Dambiwal
Hi,
I have checked and found two tasks running from last 14 hours and there is
no option to kill it...
[image: Inline image 1]
from the SPM host :-
[root@cpu11 ~]# vdsClient -s 0 getAllTasksStatuses
{'status': {'message': 'OK', 'code': 0}, 'allTasksStatus': {}}
[root@cpu11 ~]#
Please let me know how i can kill those processes...
Thanks,
Punit
9 years, 7 months
install IOPS limits
by Roman Nikolayevich Drovalev
�Ý�ò�î �ñ�î�î�á�ù�å�í�è�å �è�ç �í�å�ñ�ê�î�ë�ü�ê�è�õ �÷�à�ñ�ò�å�é �â �ô�î�ð�ì�à�ò�å MIME.
--=_alternative 0029826F43257E22_=
Content-Type: text/plain; charset="US-ASCII"
Hello,
How it is possible to instal restrictions for everyone VM IOPS
restrictions?
I have read the documentation, how it can be made?
http://www.ovirt.org/Features/blkio-support
>From the documentation:
Engine Core
DB
qos: added limit fields to qos table:
max_throughput
max_read_throughput
max_write_throughput
max_iops
max_read_iops
max_write_iops
Thanks,
Roman Drovalev
--=_alternative 0029826F43257E22_=
Content-Type: text/html; charset="US-ASCII"
<font size=2 face="sans-serif">Hello,</font>
<br>
<br><font size=1 face="Segoe UI">How it is possible to instal restrictions
for everyone VM IOPS restrictions?</font>
<br>
<br><font size=1 face="Segoe UI"> I have read the documentation, how
it can be made?</font>
<br><font size=2 face="sans-serif"><br>
</font>
<br><a href="http://www.ovirt.org/Features/blkio-support"><font size=2 face="sans-serif">http://www.ovirt.org/Features/blkio-support</font></a>
<br>
<br><font size=1 face="Segoe UI">From the documentation:</font>
<br><font size=4><b>Engine Core </b></font>
<br><font size=3><b>DB </b></font>
<p><font size=3>qos: added limit fields to qos table: </font>
<p><tt><font size=3> max_throughput<br>
max_read_throughput<br>
max_write_throughput<br>
max_iops<br>
max_read_iops<br>
max_write_iops<br>
</font></tt>
<br>
<br>
<p>
<p><font size=2 face="sans-serif">Thanks, </font>
<p><font size=2 face="sans-serif">Roman Drovalev</font>
--=_alternative 0029826F43257E22_=--
9 years, 7 months
FW: gluster and multipath
by Bill Dossett
--_000_B47F00825D68444ABC03733078275360377AEF00013BR1MPN1011MG_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Fumble fingered accidental send...
From: Bill Dossett
Sent: 09 April 2015 11:33
To: users(a)ovirt.org
Subject: gluster and multipath
Hi,
Just got very confused trying to add create an additional brick on my glust=
er node (I had created one yesterday and all was fine0
I had already created a partition on my /dev/sdb called sdb1
But when I tried mkfs.xfs (I am using xfs as that was in the example I was=
following - if LVM or something else would be better I am open to suggesti=
ons!)
It said /dev/sdb1 no such file or directory - which confused me as this wor=
ked yesterday.
I deleted the partition recreated it and tried and then it said that the de=
vice was busy.
It appears that multipathd is the culprit... but what I am struggling with =
is why it worked yesterday?? I may have created the partition before I pus=
hed the gluster install to it from the ovirt-engine? And does that install=
multipathd and it is now grabbing my devices? It is the only thing I can =
think of.
And if that is the case - I guess I have to blacklist these devices in mult=
ipath.conf while I create the partitions? And reboot and then remove the b=
lacklist and reboot - seems a bit clunky, is there a better way to add part=
itions and bricks?
Or I am just in a vortex wormhole of misunderstanding and grasping at stars=
to try and pull myself out ?
Thankyou for any advice - especially as this may not be so ovirt or a quest=
ion, but it's what I am working on.
Bill Dossett
Systems Architect
Tech Central - Global Engineering Services
T +1 303 440 3523
M +44 (0)777 590 8612
bill.dossett(a)pb.com<mailto:bill.dossett@pb.com>
pitneybowes.com<http://pitneybowes.com/>
Pitney Bowes
4750 Walnut Street | Boulder, Colorado, 80301 | USA
In Engineering?
Raise a ticket via Remedy Anywhere [HERE<applewebdata://5D25CA10-0BA9-4233-=
9DDF-69951F87F8AB/teamsite.inside.pb.com/sites/TCPPM/GES/Lists/Create%20Inc=
ident/newIncident.aspx>] takes less than a minute
CloudForms User Guide available [HERE<https://dl.dropboxusercontent.com/u/6=
219441/ManageIQ%20-%20User%20Manual%20PB%20v5.pdf>]
________________________________
--_000_B47F00825D68444ABC03733078275360377AEF00013BR1MPN1011MG_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-GB" link=3D"#0563C1" vlink=3D"#954F72">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"color:#1F497D">Fumble fingered accide=
ntal send…<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<div>
<div style=3D"border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm =
0cm 0cm">
<p class=3D"MsoNormal"><b><span lang=3D"EN-US" style=3D"mso-fareast-languag=
e:EN-GB">From:</span></b><span lang=3D"EN-US" style=3D"mso-fareast-language=
:EN-GB"> Bill Dossett
<br>
<b>Sent:</b> 09 April 2015 11:33<br>
<b>To:</b> users(a)ovirt.org<br>
<b>Subject:</b> gluster and multipath<o:p></o:p></span></p>
</div>
</div>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">Hi,<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">Just got very confused trying to add create an addit=
ional brick on my gluster node (I had created one yesterday and all was fin=
e0<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">I had already created a partition on my /dev/sdb cal=
led sdb1<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">But when I tried mkfs.xfs (I am using xfs as t=
hat was in the example I was following – if LVM or something else wou=
ld be better I am open to suggestions!)<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">It said /dev/sdb1 no such file or directory – =
which confused me as this worked yesterday.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">I deleted the partition recreated it and tried and t=
hen it said that the device was busy.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<p class=3D"MsoNormal">It appears that multipathd is the culprit… but=
what I am struggling with is why it worked yesterday?? I may have cr=
eated the partition before I pushed the gluster install to it from the ovir=
t-engine? And does that install multi<span style=3D"color:#1F497D">pa=
thd
and it is now grabbing my devices? It is the only thing I can think =
of.</span><o:p></o:p></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D">And if that is the cas=
e – I guess I have to blacklist these devices in multipath.conf while=
I create the partitions? And reboot and then remove the blacklist an=
d reboot – seems a bit clunky, is there a better
way to add partitions and bricks?<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D">Or I am just in a vort=
ex wormhole of misunderstanding and grasping at stars to try and pull mysel=
f out ?<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D">Thankyou for any advic=
e – especially as this may not be so ovirt or a question, but it̵=
7;s what I am working on.<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><span style=3D"color:#1F497D"><o:p> </o:p></spa=
n></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
<table class=3D"MsoNormalTable" border=3D"0" cellspacing=3D"0" cellpadding=
=3D"0" width=3D"1280" style=3D"width:960.0pt">
<tbody>
<tr>
<td width=3D"640" style=3D"width:480.0pt;padding:0cm 0cm 0cm 0cm">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";color:#0082D5;mso-fareast-language:EN-G=
B">Bill Dossett</span></b><span style=3D"mso-fareast-language:EN-GB"><o:p><=
/o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:"Ar=
ial","sans-serif";mso-fareast-language:EN-GB">Systems Archit=
ect</span><span style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width=3D"640" style=3D"width:480.0pt;padding:0cm 0cm 0cm 0cm">
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB">Tech Centra=
l – Global Engineering Services</span></b><span style=3D"mso-fareast-=
language:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;mso-fareast-language=
:EN-GB"> </span><span style=3D"mso-fareast-language:EN-GB"><o:p></o:p>=
</span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB">T</span></b=
><span style=3D"font-size:10.0pt;font-family:"Arial","sans-s=
erif";mso-fareast-language:EN-GB"> +1 303 440 3523</span><spa=
n style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB">M</span></b=
><span style=3D"font-size:10.0pt;font-family:"Arial","sans-s=
erif";mso-fareast-language:EN-GB"> +44 (0)777 590 8612</span>=
<span style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"mso-fareast-language:EN-GB"><a href=
=3D"mailto:bill.dossett@pb.com"><span style=3D"color:#954F72">bill.dossett@=
pb.com</span></a><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"mso-fareast-language:EN-GB"><a href=
=3D"http://pitneybowes.com/"><span style=3D"color:#954F72">pitneybowes.com<=
/span></a><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;mso-fareast-language=
:EN-GB"><br>
</span><b><span style=3D"font-size:10.0pt;font-family:"Arial",&qu=
ot;sans-serif";mso-fareast-language:EN-GB">Pitney Bowes</span></b><spa=
n style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:"Ar=
ial","sans-serif";mso-fareast-language:EN-GB">4750 Walnut St=
reet | Boulder, Colorado, 80301 | USA</span><span style=3D"mso-fareast-lang=
uage:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><span style=3D"font-size:10.0pt;font-family:"Ar=
ial","sans-serif";mso-fareast-language:EN-GB"> </span><=
span style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width=3D"640" style=3D"width:480.0pt;padding:0cm 0cm 0cm 0cm">
<p class=3D"MsoNormal"><span style=3D"mso-fareast-language:EN-GB"> <o:=
p></o:p></span></p>
</td>
</tr>
<tr>
<td width=3D"640" style=3D"width:480.0pt;padding:0cm 0cm 0cm 0cm">
<p class=3D"MsoNormal" style=3D"page-break-after:avoid"><span style=3D"font=
-size:10.0pt;font-family:"Arial","sans-serif";mso-farea=
st-language:EN-GB">In Engineering?</span><span style=3D"mso-fareast-languag=
e:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB">Raise a tic=
ket via Remedy Anywhere [<span style=3D"color:#0082D5"><a href=3D"applewebd=
ata://5D25CA10-0BA9-4233-9DDF-69951F87F8AB/teamsite.inside.pb.com/sites/TCP=
PM/GES/Lists/Create%20Incident/newIncident.aspx"><span style=3D"color:#0082=
D5">HERE</span></a></span>]<span style=3D"color:blue"> </span>takes
less than a minute</span></b><span style=3D"mso-fareast-language:EN-GB"><o=
:p></o:p></span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB"> </spa=
n></b><span style=3D"mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class=3D"MsoNormal"><b><span style=3D"font-size:10.0pt;font-family:"=
;Arial","sans-serif";mso-fareast-language:EN-GB">CloudForms =
User Guide available</span></b><span style=3D"font-size:10.0pt;font-family:=
"Arial","sans-serif";mso-fareast-language:EN-GB"> =
[<b><span style=3D"color:#0082D5"><a href=3D"https://dl.dropboxusercontent.=
com/u/6219441/ManageIQ%20-%20User%20Manual%20PB%20v5.pdf"><span style=3D"co=
lor:#0082D5">HERE</span></a></span></b>]</span><span style=3D"mso-fareast-l=
anguage:EN-GB"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class=3D"MsoNormal"><span style=3D"mso-fareast-language:EN-GB"><o:p>&nbs=
p;</o:p></span></p>
<p class=3D"MsoNormal"><o:p> </o:p></p>
</div>
<br>
<hr>
<font face=3D"Arial" color=3D"Black" size=3D"2"><br>
</font>
</body>
</html>
--_000_B47F00825D68444ABC03733078275360377AEF00013BR1MPN1011MG_--
9 years, 7 months
simple-sso w. kerberos & iplanet ldap - login slow and unreliable (ovirt 3.5.1.1)
by Alastair Neil
I have configured the simple-sso with kerberos. I can successfully login
most of the time, but often the login fails and I am dropped at the portal
login window and prompted for the internal account username and password.
Host is FC 20. Also, adding users in the GMU-authz o=gmu.edu namespace is
agonisingly slow returning from the directory lookup.
I can see from the apache logs that the kerberos authentication is
successful, but in the engine logs I see many errors:
2015-04-09 13:39:28,493 ERROR
> [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter]
> (ajp--127.0.0.1-8702-11) Cannot obtain profile for user aneil2
and eventually:
2015-04-09 13:39:28,342 ERROR
> [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter]
> (ajp--127.0.0.1-8702-5) Cannot obtain profile for user aneil2
> {Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
> java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
> Extkey[name=EXTENSION_LICENSE;type=class
> java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
> 2.0, Extkey[name=EXTENSION_NOTES;type=class
> java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
> name: ovirt-engine-extension-aaa-ldap-1.0.2-1.fc20,
> Extkey[name=EXTENSION_HOME_URL;type=class
> java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=
> http://www.ovirt.org, Extkey[name=EXTENSION_LOCALE;type=class
> java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
> Extkey[name=EXTENSION_NAME;type=class
> java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
> Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class
> java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
> Extkey[name=EXTENSION_CONFIGURATION;type=class
> java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
> Extkey[name=EXTENSION_AUTHOR;type=class
> java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
> oVirt Project, Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class
> java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
> Extkey[name=EXTENSION_INSTANCE_NAME;type=class
> java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=GMU-authz,
> Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class
> java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
> Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface
> java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
> Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
> Extkey[name=EXTENSION_VERSION;type=class
> java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.0.2,
> Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface
> java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[o=
> gmu.edu], Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface
> org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.GMU-authz),
> Extkey[name=EXTENSION_PROVIDES;type=interface
> java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz],
> Extkey[name=EXTENSION_CONFIGURATION_FILE;type=class
> java.lang.String;uuid=EXTENSION_CONFIGURATION_FILE[4fb0ffd3-983c-4f3f-98ff-9660bd67af6a];]=/etc/ovirt-engine/extensions.d/GMU-authz.properties},
> Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class
> java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,
> Extkey[name=EXTENSION_INVOKE_COMMAND;type=class
> org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],
> Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class
> java.lang.String;uuid=AAA_AUTHN_AUTH_RECORD_PRINCIPAL[c3498f07-11fe-464c-958c-8bd7490b119a];]=aneil2}}
> {Extkey[name=EXTENSION_INVOKE_RESULT;type=class
> java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2,
> Extkey[name=EXTENSION_INVOKE_MESSAGE;type=class
> java.lang.String;uuid=EXTENSION_INVOKE_MESSAGE[b7b053de-dc73-4bf7-9d26-b8bdb72f5893];]=Cannot
> locate principal 'aneil2'}
> 2015-04-09 13:39:28,527 ERROR
> [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter]
> (ajp--127.0.0.1-8702-6) Cannot obtain profile for user aneil2
> 2015-04-09 13:39:28,493 ERROR
> [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter]
> (ajp--127.0.0.1-8702-11) Cannot obtain profile for user aneil2
> 2015-04-09 13:39:28,593 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-6) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User aneil2@GMU.EDU(a)GMU-http logged in.
I suspect the ldap lookup is not working correctly. Here are the relevant
config files:
cat /etc/ovirt-engine/aaa/GMU.properties file:
# Select one
> #
> #include = <openldap.properties>
> #include = <389ds.properties>
> #include = <rhds.properties>
> #include = <ipa.properties>
> include = <iplanet.properties>
> #include = <rfc2307.properties>
> #include = <rfc2307-openldap.properties>
> #
> # Server
> #
> vars.server = dirapps.gmu.edu
> #
> # Search user and its password.
> #
> vars.user = uid=proxy,ou=people,o=gmu.edu
> vars.password = XXXXXXXXXX
> pool.default.serverset.single.server = ${global:vars.server}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
> # Create keystore, import certificate chain and uncomment
> # if using ssl/tls.
> #pool.default.ssl.startTLS = true
> #pool.default.ssl.truststore.file =
> ${local:_basedir}/${global:vars.server}.jks
> #pool.default.ssl.truststore.password = changeit
> cat /etc/ovirt-engine/extensions.d/GMU-authz.properties
> ovirt.engine.extension.name = GMU-authz
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
> config.profile.file.1 = ../aaa/GMU.properties
> #config.globals.bindFormat.simple_bindFormat = realm
cat /etc/ovirt-engine/extensions.d/GMU-http-authn.properties
> ovirt.engine.extension.name = GMU-http-authn
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.misc
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.misc.http.AuthnExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
> ovirt.engine.aaa.authn.profile.name = GMU-http
> ovirt.engine.aaa.authn.authz.plugin = GMU-authz
> ovirt.engine.aaa.authn.mapping.plugin = http-mapping
> config.artifact.name = HEADER
> config.artifact.arg = X-Remote-User
cat /etc/ovirt-engine/extensions.d/http-mapping.properties
> ovirt.engine.extension.name = http-mapping
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.misc
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.misc.mapping.MappingExtension
> ovirt.engine.extension.provides =
> org.ovirt.engine.api.extensions.aaa.Mapping
> config.mapAuthRecord.type = regex
> config.mapAuthRecord.regex.mustMatch = true
> config.mapAuthRecord.regex.pattern =
> ^(?<user>.*?)((\\\\(?<at>@)(?<suffix>.*?)@.*)|(?<realm>@.*))$
> config.mapAuthRecord.regex.replacement = ${user}${at}${suffix}
> cat /etc/ovirt-engine/aaa/ovirt-sso.conf
> #
> # 1. make sure /etc/krb5.keytab is available and valid.
> # 2. update KrbAuthRealms
> # 3. symlink into /etc/httpd/conf.d
> #
> <LocationMatch ^(/ovirt-engine/(webadmin|userportal|api)|/api)>
> RewriteEngine on
> RewriteCond %{LA-U:REMOTE_USER} ^(.*)$
> RewriteRule ^(.*)$ - [L,P,E=REMOTE_USER:%1]
> RequestHeader set X-Remote-User %{REMOTE_USER}s
> LogLevel debug
> AuthType Kerberos
> AuthName "Kerberos Login"
> Krb5Keytab /etc/httpd/http.keytab
> KrbAuthRealms GMU.EDU VSNET.GMU.EDU
> KrbServiceName HTTP/ovirt-admin-hosted.vsnet.gmu.edu
> Require valid-user
> </LocationMatch>
The LDAP server is: Sun-Directory-Server/11.1.1.5.0
I have no administrative access to the ldap server, but I can successfully
search via ldapsearch by binding with the proxy dn and password.
Any ideas what might be wrong, or how to troubleshoot?
-Alastair
>
9 years, 7 months
PXE boot issue
by Brandon Merjil
Hello,
I am testing provisioning from foreman 1.8.0 to ovirt 3.5 with both on
CentOS 7.1503 and have run into an issue after the system has been deployed
to ovirt.
When the guest system reboots after the kickstart completes it loads the
PXE menu from a the same tftp server which tries to start localboot 0. It
then tries to boot based on the order that ovirt had set for the guest,
which is PXE first and HD second.
The message I'm seeing is "Booting from local disk...
No more network devices
No bootable device"
If I change the guest boot options to only the virtual HD the guest boots
up without an issue.
I have also done a provision to a plain libvirt/kvm server and had no issue
after the reboot. Same foreman server and tftp server with PXE menu
localboot 0 option were used.
Any ideas what I might be running into here, and any additional information
needed.
Thanks.
9 years, 7 months
